<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
    pageEncoding="ISO-8859-1" import="Connect.*" %>

<%@include file="restrict_to_not_logged_in.jsp"%>
<%
	// Retrieve the submitted information.
	String username = request.getParameter("username");
	String password = request.getParameter("password");
	String retype_password = request.getParameter("retype_password");
	String email = request.getParameter("email");
	String first_name = request.getParameter("first_name");
	String last_name = request.getParameter("last_name");
	String address = request.getParameter("address");
	String city = request.getParameter("city");
	String state = request.getParameter("state");
	String zip_code = request.getParameter("zip_code");
	String telephone = request.getParameter("telephone");
	String credit_card_number = request.getParameter("credit_card_number");

	// Check if the username is at least 5 characters long and less than
	// or equal 16 characters.
	boolean username_test = username.length() >= 5 && username.length() <= 16;
	// Check if the password is at least 5 characters long and less than
	// or equal 16 characters.
	boolean password_test = password.length() >= 5 && password.length() <= 16;
	// Check if the password and retype password match.
	boolean retype_password_test = password.equals(retype_password);
	// Check if email has an @ character and if there is a period anywhere
	// after the @ character.
	boolean email_test = email.contains("@") && email.indexOf("@") < email.lastIndexOf(".");
	// No tests for these fields yet.
	boolean first_name_test = true;
	boolean last_name_test = true;
	boolean address_test = true;
	boolean city_test = true;
	boolean state_test = true;
	// Check if zip code is an integer.
	boolean zip_code_test = true;
	try {
		int num = Integer.parseInt(zip_code);
	} catch (Exception e) {
		zip_code_test = false;
	}
	// Check if telephone is a long integer.
	boolean telephone_test = true;
	try {
		long num = Long.parseLong(telephone);
	} catch (Exception e) {
		telephone_test = false;
	}
	// Check if credit card number is a 16 digit long integer.
	boolean credit_card_number_test = credit_card_number.length() == 16;
	try {
		long num = Long.parseLong(credit_card_number);
	} catch (Exception e) {
		credit_card_number_test = false;
	}

	// Compile the error messages together.
	String errors = "";
	if (!username_test) {
		errors += "* Username must be between 5 and 16 characters, inclusive.<br />";
	}
	if (!password_test) {
		errors += "* Password must be between 5 and 16 characters, inclusive.<br />";
	}
	if (!retype_password_test) {
		errors += "* The two passwords do not match.<br />";
	}
	if (!email_test) {
		errors += "* Emails must have the '@' symbol before the last '.'.'<br />";
	}
	if (!first_name_test) {
		errors += "<br />";
	}
	if (!last_name_test) {
		errors += "<br />";
	}
	if (!address_test) {
		errors += "<br />";
	}
	if (!city_test) {
		errors += "<br />";
	}
	if (!state_test) {
		errors += "<br />";
	}
	if (!zip_code_test) {
		errors += "* ZIP code must be an integer.<br />";
	}
	if (!telephone_test) {
		errors += "* Telephone must be an integer. Do not include the '-'s.<br />";
	}
	if (!credit_card_number_test) {
		errors += "* Credit card number must be a 16 digit integer. Do not include '-'s.<br />";
	}

	// If there are any errors abort registration and send the user back to the
	// register page. It also saves non-password type data that the user has submitted.
	if (!errors.equals("")) {
		session.setAttribute("register_errors", errors);
		session.setAttribute("username", username);
		session.setAttribute("email", email);
		session.setAttribute("first_name", first_name);
		session.setAttribute("last_name", last_name);
		session.setAttribute("address", address);
		session.setAttribute("city", city);
		session.setAttribute("state", state);
		session.setAttribute("zip_code", zip_code);
		session.setAttribute("telephone", telephone);
		session.setAttribute("credit_card_number", credit_card_number);
		response.sendRedirect("register.jsp");
	} else {

		// Getting information and updating the database.
		java.sql.Connection conn = null;
		try {
			// Connect to the database.
			Class.forName(ConnectionInfo.myJDBCDriver()).newInstance();
			java.util.Properties sysprops = System.getProperties();
			sysprops.put("user", ConnectionInfo.myUserID());
			sysprops.put("password", ConnectionInfo.myPassword());
			conn = java.sql.DriverManager.getConnection(ConnectionInfo.myURL(), sysprops);

			// Check if the requested username exists.
			java.sql.Statement statement = conn.createStatement();
			java.sql.ResultSet rs = statement.executeQuery("SELECT username FROM users WHERE username = '" + username + "'");
			if (rs.next()) {
				// If the username already exists send the user back to the register page with
				// an error message.
				session.setAttribute("register_errors", "* This username has already been taken.");
				session.setAttribute("username", username);
				session.setAttribute("email", email);
				session.setAttribute("first_name", first_name);
				session.setAttribute("last_name", last_name);
				session.setAttribute("address", address);
				session.setAttribute("city", city);
				session.setAttribute("state", state);
				session.setAttribute("zip_code", zip_code);
				session.setAttribute("telephone", telephone);
				session.setAttribute("credit_card_number", credit_card_number);
				response.sendRedirect("register.jsp");
			} else {
				// If the username is not in the database create a new account.
				username = "'" + username + "'";
				password = "'" + password + "'";
				email = "'" + email + "'";
				first_name = "'" + first_name + "'";
				last_name = "'" + last_name + "'";
				address = "'" + address + "'";
				city = "'" + city + "'";
				state = "'" + state + "'";
				zip_code = "'" + zip_code + "'";
				telephone = "'" + telephone + "'";
				credit_card_number = "'" + credit_card_number + "'";
				statement.executeUpdate("INSERT INTO "
						+ "users (username, password, email, first_name, last_name, address, city, state, zip_code, telephone)" + "VALUES ("
						+ username + "," + password + "," + email + "," + first_name + "," + last_name + "," + address + "," + city + ","
						+ state + "," + zip_code + "," + telephone + ")");
				statement.executeUpdate("INSERT INTO " + "customers (username, rating, credit_card_number)" + "VALUES (" + username + ","
						+ "'1'," + credit_card_number + ")");
			}
			out.println("Successful Registrion! You will be redirected to the login page in 5 seconds.");
			out.println("<a href=\"login.jsp\">Click here if you can't wait!</a>");
			response.setHeader("Refresh", "5; login.jsp");
		} catch (Exception e) {
			e.printStackTrace();
			out.print(e.toString());
		} finally {
			try {
				conn.close();
			} catch (Exception ee) {
			}
		}
	}
%>